Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)

To: Richard PALO <richard%netbsd.org@localhost>
Subject: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
From: "John D. Baker" <jdbaker%mylinuxisp.com@localhost>
Date: Tue, 27 Sep 2016 15:44:37 -0500 (CDT)

On Mon, 26 Sep 2016, Richard PALO wrote:

> Le 25/09/16 21:56, John D. Baker a écrit :
> > So, no change in behavior with or without the patch.
> 
> Well, this patchset (regarding this situation) only adapted from
> KRB5_DEFAULT?=heimdal with 'natively' installed mit-krb5 or heimdal.
> 
> Meaning that, in this particular case, the result of KRB5_DEFAULT is
> identical for you unless you explicitly set KRB5_DEFAULT=mit-krb5.

Right.  For NetBSD, KRB5_DEFAULT is "heimdal" (the native/builtin version)
regardless of whether another kerberos has been installed.

> (btw, have you tried this?)

No.  At least, I've not resorted to this yet.

> I can certainly see the value of checking first for something already
> installed, so I'll see if I can come up with something for evaluation.

I wonder why one package's need for a different kerberos implementation
should adversely affect other packages' satisfaction with the
native/builtin kerberos (whichever it may be).  Having pkgsrc "mit-krb5"
installed shouldn't break other packages ability to use a native "heimdal"
(and vice-versa, I should think).

> Unfortunately, if PREFER_PKGSRC is set and/or if something has already
> installed heimdal, then wireshark only supporting mit-krb5 remains a
> sticky problem...

Well, previous wireshark versions (up to v2.0.4 in pkgsrc-2016Q2) were
happy with the builtin "heimdal" krb5 implementation, but v2.2.0 in
HEAD/pkgsrc-2016Q3 is not, so it limits "KRB5_ACCEPTED" to "mit-krb5"
only and explicitly depends on "security/mit-krb5" via its "buildlink3.mk".

> nobody has come up with a fix for it yet?

Apparently not, although

  http://mail-index.NetBSD.org/pkgsrc-users/2016/09/21/msg023779.html

seems to imply that it is an issue to be investigated.

-- 
|/"\ John D. Baker, KN5UKS               NetBSD     Darwin/MacOS X
|\ / jdbaker[snail]mylinuxisp[flyspeck]com    OpenBSD            FreeBSD
| X  No HTML/proprietary data in email.   BSD just sits there and works!
|/ \ GPGkeyID:  D703 4A7E 479F 63F8 D3F4  BD99 9572 8F23 E4AD 1645

Follow-Ups:
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Mark Davies
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: David Holland

References:
- heimdal builtin busted?
  - From: Richard PALO
- krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: John D. Baker
- Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
  - From: Richard PALO

Prev by Date: daily pkgsrc CVS update output
Next by Date: daily pkgsrc CVS update output
Previous by Thread: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
Next by Thread: Re: krb5 builtin busted ? (was Re: heimdal builtin busted?)
Indexes:

Home | Main Index | Thread Index | Old Index